Community
Let me introduce a few topics before we dive deep into the problem.
A hosted wallet, or custodial wallet, is a type of cryptocurrency wallet in which a third-party service provider manages the private keys instead of the wallet owner. During blockchain transactions, a hosted wallet enables the owner to initiate a trade using the wallet's interface.
Once the transaction starts, the wallet service provider oversees the subsequent steps, including broadcasting the transaction to the network, verifying its authenticity, and ensuring the correct cryptocurrency amount is transferred from the wallet owner's address to the recipient's address. This process employs the service provider's nodes on the blockchain network to manage the transaction.
Hosted wallets are typically user-friendly and simple to navigate, which makes them appealing to beginners and those who favor a more uncomplicated interface. However, it's crucial to understand that since the service provider manages the private keys, a level of trust in the provider is necessary to safeguard the funds stored in the wallet. Moreover, users might not have full control over their funds, and the service provider might impose certain restrictions or fees related to using their wallet service.
An unhosted crypto wallet, also referred to as a non-custodial or self-custody wallet, is a type of cryptocurrency wallet where the wallet owner has full control over the private keys, rather than relying on a third-party service provider. Essentially, an unhosted wallet allows the user to have complete authority over their cryptocurrency assets, as they are the sole individuals with access to their private keys. These wallets can be found in various forms, such as software or hardware. Software wallets can be downloaded and installed on a desktop or mobile device, while hardware wallets are physical devices specifically designed to securely store private keys offline.Because unhosted wallets do not depend on a third-party service provider, they are generally viewed as more secure than hosted wallets. However, they may be more challenging to use, and users must take on the responsibility of safeguarding their private keys, as losing them can lead to the loss of their cryptocurrency assets. Unhosted wallets have gained popularity among cryptocurrency enthusiasts who value security and control over their funds. Nevertheless, they might not be the most suitable choice for beginners or those who are not comfortable managing their private keys.
The term virtual asset service provider (VASP) is more frequently used outside the European Union (EU), whereas the term crypto asset service providers (CASPs) is utilized within the EU region.
The European Commission made a significant move to combat money laundering and terrorism financing with an ambitious package of legislative proposals presented on July 20, 2021. The package aims to strengthen the EU's anti-money laundering and countering terrorism financing (AML/CFT) rules.
The package includes various measures to improve the EU's AML/CTF framework, including the revision of the Transfer of Funds Regulation to make it possible to trace transfers of crypto-assets by imposing Travel Rule requirements on CASPs.
The European Parliament plenary finally approved the Transfer of Funds Regulation revision on April 20, 2023.
What are VASPs expected to do when transacting with non-obligated entities (such as unhosted wallets)?
Obtain the originator and beneficiary information from the VASP's customer when sending or receiving a virtual asset transfer to an unhosted wallet because there is no other VASP from which to obtain the information. Since there is no other VASP from which to get the information when transacting with unhosted wallets, VASPs will need to collect the data from both sides of the transaction. It is essential to mention that this recommendation may only apply to transactions above $1,000/EUR, but this might vary depending on how different jurisdictions implement it.
To comply, VASPs must collect all the necessary Travel Rule information (names, account numbers or wallet addresses, addresses or IDs, DOBs, POBs, etc.) without compromising user experience.
EU CASPs must comply with Travel Rule obligations in every transaction, regardless of the amount.
It required the originator and the beneficiary customer information in the European Union.
According to FATF recommendations, transactions involving self-hosted wallets are included in the updated Transfer of Funds Regulation.
When transacting with self-hosted wallets, European CASPs must collect the required originator and beneficiary information and comply with the following additional wallet verification obligations for transactions exceeding 1,000 Euros:
When sending a transfer exceeding EUR 1,000 to a self-hosted wallet, the originator VASP is required to verify if that wallet is owned or controlled by the originator customer;
When receiving a transfer exceeding EUR 1,000 from a self-hosted wallet, the beneficiary VASP must verify that the beneficiary customer owns or controls the originating wallet.
This means wallet ownership verification requirements apply to first-party transactions to/from self-hosted wallets exceeding EUR 1,000.
.
In its Updated Guidance for VAs and VASPs (October 2021), FATF makes it clear that counterparty due diligence to engage in Travel Rule flows is distinct from the due diligence required to establish correspondent banking relationships :
The nature of CASPs' relationships for transacting and sharing Travel Rule information is distinct from correspondent banking relationships and, hence, could justify a different - and more limited - scope of counterparty due diligence obligations to apply.
However, the revised Transfer of Funds Regulation goes in a different direction: citing the “ongoing and repetitive" nature of the relationships between domestic CASPs and foreign VASPs to transact, the TFR deems these relationships as a type of correspondent relationship subject to enhanced due diligence measures.
Travel Rule compliance needs to be performed pre-transaction. This is particularly important given the specific characteristics of virtual asset transactions: settlement is immediate and irreversible; hence, only pre-transaction actions can effectively mitigate risk.
According to the revised TFR, originator CASPs must transmit information to the beneficiary CASP before sending the corresponding crypto transaction. In turn, Beneficiary CASPs must ensure the required data is received before making funds available to the end customer.
The Financial Action Task Force (FATF) Travel Rule requires virtual asset service providers (VASPs) to collect and transmit certain information about their customers and the transactions they process. This information includes the name and address of the sender and receiver of the transaction, as well as the originator's account number and the beneficiary's account number. This rule applies to all VASPs, including those that operate unhosted wallets.
One approach to bring unhosted wallets into compliance with the FATF Travel Rule is to use a third-party service provider specializing in compliance with the rule. These providers can act as intermediaries between unhosted wallet users and VASPs, collecting and transmitting the required information on behalf of the wallet users. This allows unhosted wallet users to continue using their wallets while complying with the rule.
Another approach is for unhosted wallet users to collect and transmit the required information themselves manually. This could involve using a standardized format for the information and ensuring the data is transmitted securely to the VASP involved in the transaction. This approach may be more complex and time-consuming, but it allows unhosted wallet users to maintain complete control over their wallet and their transactions.
It's worth noting that compliance with the FATF Travel Rule is an ongoing process, and VASPs and unhosted wallet users must remain vigilant to ensure that they meet the rules' requirements as they evolve.
The number of unhosted wallet users in 2022 was 84 million. Now, if you are the proud owner of an unhosted wallet, you got a big problem! To continue using your wallet with Crypto-Asset Service Providers, you must get out of your anonymity and provide CASPs with Identity info each time you interact with them (sending or receiving cryptocurrency). The following procedure will allow you to convert your useless anonymous account into an adequately named account.
Export your private key from the existing wallet address.
Import this private key into the named TRIO wallet. An imported address will be created.
TRIO system will automatically pair your Identity with this imported address.
Authorise TRIO to share your Identity info with VASP.
If you prefer, you can go back to your unhosted wallet, and now your identity is linked. Moving forward, whenever your VASP needs to verify your identity, it can request information from the TRIO service.
You can keep using your current unhosted wallet with all the familiar options! For instance, you can purchase or sell ETH on a crypto exchange using your unhosted wallet.
But since you are also a TRIO user – you may transfer ETH to or from your TRIO account and enjoy all the benefits of alternative payments using Pay with TRIO.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Konstantin Rabin Head of Marketing at Kontomatik
07 April
Amey Prabhu Solution Architect & Head of Trade Finance Product at Veefin
04 April
Barley Laing UK Managing Director at Melissa
Oleg Boiko Founder at Finstar Financial Group
03 April
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.